#! /bin/bash
# Manual customization of this file is not recommended.
{% if inventory_hostname in groups['fileserver'] or inventory_hostname in groups['yumrepo'] %}
for port in 80 8080; do
  firewall-cmd --permanent --add-port=$port/tcp
done
{% endif %}

{% if inventory_hostname in groups['registry'] %}
firewall-cmd --permanent --add-port=5000/tcp
{% endif %}

{% if inventory_hostname in groups['portal_db'] %}
for port in 5432 6379; do
  firewall-cmd --permanent --add-port=$port/tcp
done
{% endif %}

{% if inventory_hostname in groups['node'] %}
for port in 27017 8080 8090 9088 9098 10086; do
  firewall-cmd --permanent --add-port=$port/tcp
done
firewall-cmd --permanent --add-port=161/udp
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 -p vrrp -j ACCEPT
{% endif %}
